Timing covert channel analysis of the VxWorks MILS embedded hypervisor under the common criteria security certification

Domenico Cotroneo; Luigi De Simone; Roberto Natella

首页> 外文期刊>Computers & Security >Timing covert channel analysis of the VxWorks MILS embedded hypervisor under the common criteria security certification

【24h】

Timing covert channel analysis of the VxWorks MILS embedded hypervisor under the common criteria security certification

机译：根据公共标准安全认证，vxworks密尔嵌入式管理程序的定时封面频道分析

获取原文

获取原文并翻译 | 示例

开具论文收录证明 >>

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Virtualization technology is nowadays adopted in security-critical embedded systems to achieve higher performance and more design flexibility. However, it also comes with new security threats, where attackers leverage timing covert channels to exfiltrate sensitive information from a partition using a trojan. This paper presents a novel approach for the experimental assessment of timing covert channels in embedded hypervisors, with a case study on security assessment of a commercial hypervisor product (Wind River VxWorks MILS), in cooperation with a licensed laboratory for the Common Criteria security certification. Our experimental analysis shows that it is indeed possible to establish a timing covert channel, and that the approach is useful for system designers for assessing that their configuration is robust against this kind of information leakage.

机译：如今，虚拟化技术在安全关键的嵌入式系统中采用，以实现更高的性能和更多的设计灵活性。但是，它还具有新的安全威胁，攻击者利用时序隐蔽通道从使用特洛伊木马从分区中抵抗敏感信息。本文提出了一种新的方法，用于嵌入式虚拟机管理程序中定时秘密渠道的实验评估，案例研究了商业管理程序（Wind River VxWorks Mils）的安全评估，与许可实验室合作，共同标准安全认证。我们的实验分析表明，确实可以建立定时封面通道，并且该方法对于系统设计人员来说是有用的，用于评估它们的配置对这种信息泄漏的强大。

著录项

来源
《Computers & Security》 |2021年第7期|102307.1-102307.13|共13页
作者
Domenico Cotroneo; Luigi De Simone; Roberto Natella;
展开▼
作者单位

DIETI - Universita degli Studi di Napoli Federico Ⅱ Via Claudio 21 Napoli 80125 Italy;

DIETI - Universita degli Studi di Napoli Federico Ⅱ Via Claudio 21 Napoli 80125 Italy;

DIETI - Universita degli Studi di Napoli Federico Ⅱ Via Claudio 21 Napoli 80125 Italy;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Common criteria; Certification; Software security; Hypervisors; Virtualization; Embedded systems; VxWorks; MILS; Separation kernel; Covert channels;

机译：共同标准;认证;软件安全;虚拟机管理程序;虚拟化;嵌入式系统;VxWorks;米尔斯;分离内核;隐蔽频道;

相似文献

外文文献
中文文献
专利

1. Detecting JitterBug covert timing channel with sparse embedding [J] . Zhai Jiangtao, Wang Mingqian, Liu Guangjie, Security and Communications Networks . 2016,第11期

机译：使用稀疏嵌入检测JitterBug隐蔽定时通道
2. Using hierarchical statistical analysis and deep neural networks to detect covert timing channels [J] . Darwish Omar, Al-Fuqaha Ala, Ben Brahim Ghassen, Applied Soft Computing . 2019,第期

机译：使用分层统计分析和深神经网络来检测隐蔽定时频道
3. A comparative analysis of detection metrics for covert timing channels [J] . Rennie Archibald, Dipak Ghosal Computers & Security . 2014,第sepa期

机译：秘密定时通道检测指标的比较分析
4. Security certification experience for industrial cyberphysical systems using Common Criteria and IEC 62443 certifications in certMILS [C] . Andreas Hohenegger, Gerald Krummeck, Janie Baños, International Conference on Industrial Cyber-Physical Systems . 2021

机译：使用公共标准和IEC 62443在Certmils的IC 62443认证的安全认证体验
5. Covert timing channel analysis in MLS real-time systems [D] . Son, Joon 2008

机译：MLS实时系统中的隐式定时信道分析
6. Covert Timing Channel Analysis Either as Cyber Attacks or Confidential Applications [O] . Shorouq Al-Eidi, Omar Darwish, Yuanzhu Chen 2020

机译：隐式定时通道分析无论是网络攻击还是机密应用
7. Timing covert channel analysis of the VxWorks MILS embedded hypervisor under the common criteria security certification [O] . Domenico Cotroneo, Luigi De Simone, Roberto Natella 2021

机译：根据公共标准安全认证，vxWorks密尔斯嵌入式管理程序的定时隐蔽频道分析
8. Towards MIL-STD-1553B Covert Channel Analysis. [R] . Nguyen, T. D. 2015

机译：迈向mIL-sTD-1553B隐蔽通道分析。

Timing covert channel analysis of the VxWorks MILS embedded hypervisor under the common criteria security certification

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅